1. Field of the Invention
This invention pertains in general to software installation, and more specifically to installation of software applications in the presence of threats that are actively attempting to prevent the installation.
2. Description of the Related Art
Computer systems are continually threatened by a risk of attack from malicious computer code, such as viruses, worms, and Trojan horses. As used herein, “threats,” or “malicious computer code” or “malicious code” include any code that enters a computer without an authorized user's knowledge and/or without an authorized user's consent, or any code that enters a computer with a user's consent where the user might not have understood that the code is malicious or might not have been aware of how difficult or impossible it would be to remove the code.
Malicious code can infect a computer in a number of manners. For example, a user might insert an infected disk or other computer-readable medium into a computer so that the computer becomes infected when the disk files are accessed. In a network-based attack, malicious code can be transmitted to the computer connected to the network as an executable program, for example in an attachment to an electronic message.
Computer security programs, such as antivirus prevention/detection software, can be installed on computers in an attempt to prevent malicious code attacks. For example, antivirus-scanning software scans computer files, including electronic message attachments and electronic messages, to detect the presence of malicious code. However, in order for this antivirus software to be effective in protecting a computer it must first be successfully installed on the computer without interference. Yet, in some cases, a user may attempt to install antivirus products (or any other type of software product) on an already threat-infected machine, and the threat (e.g., malicious code) may prevent or otherwise hinder the product installation from completing or succeeding. Thus, the computer is left infected and unprotected.
Many current installation mechanisms do not attempt to prevent detection by malicious code. Once the installation is detected by the malicious code, this threat may attack the installation and prevent the install or cause the product to install incorrectly. Even if the threat does not actively try to prevent the installation, the presence of the threat on the computer can destabilize the system to such an extent that the installation of the software application will fail as a side effect of the destabilization. One mechanism for managing this issue is to do a quick scan of the computer before the installation starts and try to stop anything detected before starting the installation. However, there must be some mechanism available on the computer for effectively conducting this scan, and there is still no guarantee that all threats will be detected and will be able to be prevented before the installation occurs.
Some installation mechanisms rely on a protection module to be installed (or to be already present on the computer) that will then prevent the threat from attacking the new installation. Thus, some installation mechanisms try to quickly install a small piece of protection software that will then protect the remainder of the installation so the target software application can be installed completely and successfully. However, the protection module itself is still susceptible to attack from the threat during the protection module installation. Many current threats are now becoming aware of this protection module technique and are responding by trying to prevent the protection module itself from correctly installing on the computer, and thus preventing the ultimate installation of the software application of interest (e.g., the antivirus program). Thus, antivirus software (or other type of software) might still fail to install correctly, or might not install at all, again leaving the computer unprotected.
Therefore, there is a need in the art for a solution that allows the installation of a software application to succeed, in the presence of threats that are actively attempting to prevent the installation, without being detected, thus avoiding interference by the threats in the installation process.